
Linux Security Papers

These papers were taken from the Honeynet Project. The Honeynet Project also has translated papers available in Francais, Deutsch, suomi, Slovene, Korean, Russian, Italian, Spanish, Chinese, and Polski.

Know Your Enemy - 7/21/00 The tools and methodology of the most common black-hat threat on the Internet, the Script Kiddie. By understanding how they attack and what they are looking for, you can better protect your systems and network.

Know Your Enemy II - 6/18/01 How to determine what the enemy is doing by analyzing your system log files. Includes examples based on two commonly used scanning tools, sscan and nmap.

Know Your Enemy III - 3/27/00 What happens after the script kiddie gains root. Specifically, how they cover their tracks while they monitor your system. The paper goes through step by step on a system that was compromised, with system logs and keystrokes to verify each step.

Know Your Enemy: A Forensics Analysis - 5/23/00 This paper studies step by step a successful attack of a system. However, instead of focusing on the tools and tactics used, we focus on our analysis techniques and how we pieced the information together. The purpose is to give you the skills necessary to analyze and learn on your own the threats your organization faces. MSNBC has released an interactive, online video of this paper.

Know Your Enemy: Motives - 6/27/00 This paper studies the motives and psychology of the black-hat community, in their own words.

Know Your Enemy: Worms at War - 11/7/00 See how worms probe for and compromise vulnerable Microsoft Windows systems. Based on the first Microsoft honeypot compromised in the Honeynet Project.

Know Your Enemy: Passive Fingerprinting - 3/2/02 This paper details how to passively learn about the enemy, without them knowing about it. Specifically, how to determine the operating system of a remote host using passive sniffer traces only.

Know Your Enemy: Honeynets - 1/14/02 This paper focuses on what a Honeynet is, its value to the security community, how it works, and the risks/issues involved. This paper has been updated to include GenI, GenII, and Virtual Honeynet technologies.

Know Your Enemy: Statistics - 7/23/01 This paper analyzes eleven months of data collected by the Honeynet Project. Based on this data, we demonstrate just how active the blackhat community is. We also demonstrate that it may be possible to predict future attacks.

Hmm, late reply, but the links above may feel good to get a few more visitors.

My only excuse - "I must have been sleeping or something."

soulman > There are a few people living in Finland and my island is isolated from the rest of the world like a prison (kongo, a black hole in nowhere). I could not find anyone even if I wanted to do that.